2 matches found
CVE-2009-0820
Multiple eval injection vulnerabilities in phpScheduleIt before 1.2.11 allow remote attackers to execute arbitrary code via 1 the enddate parameter to reserve.php and 2 the startdate and enddate parameters to check.php. NOTE: the startdate/reserve.php vector is already covered by CVE-2008-6132...
CVE-2009-0820
CVE-2009-0820 affects phpScheduleIt prior to 1.2.11. It enables remote arbitrary PHP code execution via eval injection through reserve.php (end_date) and check.php (start_date/end_date); the start_date vector is also covered by CVE-2008-6132. OpenVAS/Exploit DB references confirm reserve.php RCE ...